"The attackers could turn loose another NotPetya … DDoS, literally anything. They are only limited by their own creativity," Williams says.

What to Do

Users of the infected devices should reboot them as soon as possible, which will kill off the stage 2 and 3 malware. That's a temporary fix, however, since the persistent first-stage malware isn't removable with a reboot and the attackers could come back and reinstall the stage 2 and 3 malware again. The devices also should be updated with the latest patches and default credentials should be changed to new strong credentials,
Angara ChannelSet Round Aquamarine Three Stone Journey Pendant 3nsWhaZ0r
.

Updates from the various equipment vendors are rolling in. Netgear said in addition to firmware updates and password resets for its routers, users should turn off remote management in its devices.

"Hopefully, we caught it in time," Williams says of the VPNFilter campaign. Ensuring the actual patching and securing the infected IoT devices mostly will fall on the ISPs, small businesses, or even large businesses who have these devices installed, he says.

Cisco is urging ISPs to "work aggressively" with customers to get the device patched and up-to-date, and to assist users in rebooting their routers.

Mounir Hahad, head of Juniper Threat Labs at Juniper Networks, recommends all home routers and NAS devices be rebooted just in case. "Given the list of compromised device models is large and potentially incomplete, it is recommended that everyone reboots their home routers and NAS devices one time," he says.

That doesn't mean VPNFilter is randomly scanning each and every vulnerable device like Mirai did, however, according to Symantec. Symantec thus far has not seen indiscriminate scanning via its honeypot and sensor data.

Security experts meanwhile have been warning that Russia and other nation-states could ratchet up more aggressive cyberattacks against the US, likely posing as other nations and attack groups for plausible deniability. Russia has been honing its skills on that front for the past year or so, with its destructive NotPetya attack campaign targeting Ukraine, its election-meddling operation during the 2016 US presidential election, and most recently, the false flag operation in its hack of the Winter Olympics systems.

"This is an alarming variant of malware, as it can destroy infrastructure and take western allies back to the Stone Ages," says Tom Kellermann, chief cybersecurity officer with Carbon Black. "This will spread to NATO members' [countries] this week, and I feel that Putin has taken his gloves off."

This site uses cookies. By continuing to browse this Business Wire site (and/or any other Business Wire website), you accept the use of cookies.
Learn more

TYSONS, Va.--(
BUSINESS WIRE
)--
DXC Technology
(NYSE:DXC) today announced that it has signed an agreement with Zurich Insurance Company Ltd (Zurich), a leading global, multi-line insurance provider, by which the parties wish to extend until December 2022 the Master Services Agreement that will support Zurich’s end user transformation initiatives. The agreement focuses on creating a more secure, modern digital workplace experience for Zurich employees worldwide.

Under the current agreement, originally signed in 2008 and extended in 2014, Zurich employs DXC to provide next-generation end-user IT services to its global workforce. As a centerpiece of its digital workplace transformation journey, Zurich will turn to DXC’s MyWorkStyle, a service that provides a consumer-like experience for workplace solutions, PC device management and Microsoft Windows 10 to enable greater collaboration and connectivity for thousands of users. In addition, DXC will provide security services for end user devices.

Thomas Kropp, group chief IT services officer at Zurich, said: “At Zurich we are committed to invest in the agility and modernization of our systems and provide a digital workplace of the future for our workforce. It is part of our strategy to invest in innovation and digitalization to enhance our operations and to better serve our customers.”

DXC Technology (DXC: NYSE) is the world’s leading independent, end-to-end IT services company, serving nearly 6,000 private and public-sector clients from a diverse array of industries across 70 countries. The company’s technology independence, global talent and extensive partner network deliver transformative digital offerings and solutions that help clients harness the power of innovation to thrive on change. DXC Technology is recognized among the best corporate citizens globally. For more information, visit
Angara Cathedral Three Stone Round Garnet Engagement Ring JR2suZ
.

is a leading multi-line insurer that serves its customers in global and local markets. With about 53,000 employees, it provides a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, as well as multinational corporations. The Group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the SIX Swiss Exchange and has a level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at
www.zurich.com
.

“At Zurich we are committed to invest in the agility and modernization of our systems and provide a digital workplace of the future for our workforce. It is part of our strategy to invest in innovation and digitalization to enhance our operations and to better serve our customers.”